iPlanet Directory Server 5.1 and LDAP Authentication

From: Jayatillake, Rohana (rjayatillake@csu.edu.au)
Date: Sun Oct 19 2003 - 20:46:04 EDT


Dear Sun managers

I have an iPlanet Directory Server 5.1 running on a Solaris 8 machine to
authenticate clients to Unix hosts using LDAP. Authentication using
logon accounts stored centrally in the directory server is working
fine. But I have a different question: once a Unix host is initialised
with the ldapclient command to accept LDAP for logon authentication,
anybody who has an account in the directory server can log in. But I
don't want this to happen, as some of the Unix hosts are restricted to
administrators only. I was informed that I have to use Role Based Access
Control to restrict users from different hosts. But I couldn't find any
documentation anywhere on how to do this. Does anyone know how to add a
policy or configure this in /etc/security/policy.conf, /etc/user_attr,
etc. to control access for Unix hosts? I am sure someone has done this
previously. Any suggestions and advice are welcome.

Thanks in advance.

Regards

Rohana Jayatillake

Systems & Infrastructure

Division of Information Technology

Charles Sturt University

Bathurst NSW 2795

Email: rjayatillake@csu.edu.au
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers


